Skip to content

Kubernetes quick start

This page is for people who are familiar with Kubernetes in general, and want to start using it as quickly as possible.

Requesting access

In order to obtain access to Kubernetes, please submit a Kubernetes request . Alternatively you can email your request to support@hpc.ut.ee .

Polices set access at the tenant/namespace level. This means that you get a namespace and give access to that specific namespace, mostly with administrator permissions.

UTHPC uses a kubeconfig file to permit access to Kubernetes. Certificate and token are inside kubeconfig file. This means you need to have kubectl installed. Users usually get access via their ETAIS account.

Using ETAIS access

Kubernetes allows access via the MyAccessID authentication system. This is the easiest way to obtain access to the cluster, as everyone shares the same KUBECONFIG file.

You should still write to support@hpc.ut.ee to get necessary permissions though, as by default, a user has no permissions inside the cluster.

Authenticating via MyAccessID requires completing three additional steps:

  • Install the kubelogin kubectl plugin. This is required to authenticate with MyAccessID.
  • Add the shared KUBECONFIG file to your local computer (below). If you add it to ~/.kube/config, which is automatically used for all kubectl commands.
  • When using this configuration for kubectl, the first command you enter opens a browser window. You can login explicitly also with the kubectl oidc-login login command.
  • Inside this browser window you can login with any institution's credentials. Upon success, you'll have access to the cluster.
kubectl configuration
apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUM1ekNDQWMrZ0F3SUJBZ0lCQURBTkJna3Foa2lHOXcwQkFRc0ZBREFWTVJNd0VRWURWUVFERXdwcmRXSmwKY201bGRHVnpNQjRYRFRJd01Ea3hOVEV3TlRFek1Gb1hEVE13TURreE16RXdOVEV6TUZvd0ZURVRNQkVHQTFVRQpBeE1LYTNWaVpYSnVaWFJsY3pDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBTkt5CnBtNy9BVmFPQStnT1BEQzBtekZ6d0pzRUw3ZkRMN0taR3R1Y3RycUJIR3JaL0MyZ2pJbEpwN2pCZ0FDU0E2eW4KNEhqNXk0UTdTN0s0R0JhbGNya3QrV2duMkwyckxKK0NUYXhiYmh4alczRDR6dEdtanhJTUFSeXRUV2xDL1ZtVAphTUtCZ3pmTFY5LzBPNUxtM1J4cEFMbm9MN1dUS3lyTmxGR29aSWUxbTVjK0JyenZmZjRKa2dmYWVucEw3Uk5CCjM5TDRvQ3NVdFNXeDZUVGNSN25JTHRiUXZZV0doYnE2UHRzS3BDcmxzMXlSazJDS1QwQUI5akFKMHhzakxkckgKZVZEOFROUFl1aEhBRVhLSVZUenVNUm92Q29DZVVnK002Nk9MNHpJem81aFZadFJJRWtkNi9wSTI1NmpsNVFDMQpJZW5KTDFpK2VwazJvQWpac1RNQ0F3RUFBYU5DTUVBd0RnWURWUjBQQVFIL0JBUURBZ0trTUE4R0ExVWRFd0VCCi93UUZNQU1CQWY4d0hRWURWUjBPQkJZRUZNRTRpQldSS0ptRTFaZEFJOTZGbXYzdWdSdkZNQTBHQ1NxR1NJYjMKRFFFQkN3VUFBNElCQVFERXdBem0zd1BIcDcwcFhObHdzNmhTV2ZIRWQ1b1prOWlTSzFMTVhFNm4vZHBCQkhiagpMOUVyVlBnWXlpeFFzZFIwZEtKUEZYQlh5dDlERllPVzJqTzRRMUFBVks1U3RTMjk5K3lZUDBIS1ZrZU5STE40Cm1wbDE0Zy9xNW1mR05pRlIzVm93cmFoR3ZQc1R6bVhScTNMd1pHbFZFSXNRR2w5elhYaVZoV29FTllVN2JTa1IKM0FxS0dQc2VDTmRmTTE3TzVZTno0cUw4VDA1Q21zZ1V3dlUrSU5CdFFIcmxXQVhQN2wyR3h5NzBDdmlxUXh2Qgp2d3NaVkpkcXdJMEg0c3ZWNW5FbElLM2dGY2hsTWoxS2k2RTJORGJNRmY4aWNQc2kxTFo1dllHUnVDVEN2QmgrCnd4eVQwekxRd1A4STBiNWZ5V1V3WnBzMmErcVR3V2xxRVpjdgotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==
    server: https://kubernetes.hpc.ut.ee:6443
  name: kubernetes
contexts:
- context:
    cluster: kubernetes
    user: etais-user
  name: etais-user@kubernetes
current-context: etais-user@kubernetes
kind: Config
preferences: {}
users:
- name: etais-user
  user:
    exec:
      apiVersion: client.authentication.k8s.io/v1beta1
      args:
      - oidc-login
      - get-token
      - --oidc-issuer-url=https://keycloak.hpc.ut.ee/realms/ETAIS
      - --oidc-client-id=kubernetes.hpc.ut.ee
      - --oidc-use-pkce
      command: kubectl
      env: null
      provideClusterInfo: false    

Explore key concepts

For a deeper understanding of how to use the full potential of the Kubernetes environment, please explore the detailed concept guides. These guides provide explanations and examples into how the managed Kubernetes service is set up.

Available guides

  • Databases - Learn how to deploy and manage databases within the managed Kubernetes cluster.
  • Ingress - Discover how to set up and configure Ingress objects to manage external access to your applications.
  • Load Balancers - Understand the setup and usage of LoadBalancer service to manage external access to your applications.
  • Using storage - Learn how to keep data across Pod restarts, persistently.
  • GPU Usage - Explore how to utilize GPUs within the cluster for computing-intensive applications.
  • CI/CD Integration - Get insights into integrating continuous integration and continuous deployment pipelines with UTHPC Kubernetes infrastructure.

Each guide is designed to provide you with the knowledge needed to effectively use and manage the relevant Kubernetes resources. If you're missing some specific feature, feel free to ask HPC support. New operators and extra configurations can be added on request, if it does not negatively impact the cluster's security or usability.

Billing

[ALPHA]

Billing is still in [ALPHA] status, meaning it's not properly done. For now, Kubernetes billing works on agreement basis, but we are working towards implementing an understandable and transparent billing structure.